github-starred/vaultwarden
2
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-05-23 16:42:18 -05:00
Code Issues 307 Packages Projects Releases 83 Wiki Activity

[GH-ISSUE #6912] bw cli 2026.2.0 login Error - TypeError: Cannot read properties of null #11377

New Issue
Closed
opened 2026-04-20 14:58:57 -05:00 by GiteaMirror · 7 comments
GiteaMirror commented 2026-04-20 14:58:57 -05:00
Owner
Copy Link

Originally created by @Jehoshwa on GitHub (Mar 8, 2026).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/6912

Originally assigned to: @BlackDex on GitHub.

Prerequisites

Vaultwarden Support String

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.35.3
  • Web-vault version: v2026.1.1
  • OS/Arch: linux/aarch64
  • Running within a container: true (Base: Debian)
  • Database type: SQLite
  • Database version: 3.50.2
  • Uses config.json: true
  • Uses a reverse proxy: true
  • IP Header check: true (CF-Connecting-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Websocket Check: true
  • HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Environment settings which are overridden: ADMIN_TOKEN, IP_HEADER

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_idle_timeout": 600,
  "database_max_conns": 10,
  "database_min_conns": 2,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "dns_prefer_ipv6": false,
  "domain": "*****://*************",
  "domain_origin": "*****://*************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "",
  "extended_logging": false,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "CF-Connecting-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "data/vw.log",
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "purge_incomplete_sso_auth": "0 20 0 * * *",
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "******************",
  "smtp_from_name": "***********",
  "smtp_host": "*************",
  "smtp_password": "***",
  "smtp_port": 465,
  "smtp_security": "force_tls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "******************",
  "sso_allow_unknown_email_verification": false,
  "sso_audience_trusted": null,
  "sso_auth_only_not_session": false,
  "sso_authority": "",
  "sso_authorize_extra_params": "",
  "sso_callback_path": "*****://******************************************",
  "sso_client_cache_expiration": 0,
  "sso_client_id": "",
  "sso_client_secret": "***",
  "sso_debug_tokens": false,
  "sso_enabled": false,
  "sso_master_password_policy": null,
  "sso_only": false,
  "sso_pkce": true,
  "sso_scopes": "email profile",
  "sso_signups_match_email": true,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": 50000,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": "100049",
  "yubico_secret_key": "***",
  "yubico_server": null
}

Vaultwarden Build Version

1.35.3

Deployment method

Official Container Image

Custom deployment method

services:
vwarden01:
image: vaultwarden/server:latest
container_name: vw01
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- /srv/vw01/data:/data
ports:
- 127.0.0.1:7011:80
restart: unless-stopped
environment:
- IP_HEADER=CF-Connecting-IP
- LOG_FILE=data/vw.log
- LOG_LEVEL=info
- EXTENDED_LOGGING=false

Reverse Proxy

caddy2

Host/Server Operating System

Linux

Operating System Version

Debian 13

Clients

CLI

Client Version

2026.2.0

Steps To Reproduce

root@myserver# export BW_SERVER=https://xxxxxxxxxxx
root@myserver# export BW_CLIENTID=user.xxxxxxxx-xxxx-xxxx-xxxx.xxxxxxxxxxxx
root@myserver# export BW_CLIENTSECRET=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

root@myserver# bw --version
2026.2.0

root@myserver# bw login --apikey
TypeError: Cannot read properties of null (reading 'toWrappedAccountCryptographicState')

root@myserver# bw status
{"serverUrl":"https://xxxxxxxxxxx","lastSync":null,"userEmail":"xxx@xxx","userId":"xxxxxxxxxxxxxx","status":"locked"}

root@myserver# bw unlock
? Master password: [input is hidden]

root@myserver# bw status
{"serverUrl":"https://xxxxxxxxxxx","lastSync":null,"userEmail":"xxx@xxx","userId":"xxxxxxxxxxxxxx","status":"locked"}

Expected Result

Expect after login can unlock succesfully.

Actual Result

Shows logged in, but unlock not work.

I found from my other server there is a old version cli, copy it to the current server, then everything is ok.

On another server which run bw cli 2026.1
tar -czf bwcli.2026.1.tar.gz -C /usr/local/lib/node_modules @bitwarden

recover the 2026.2
tar -xzf bwcli.2026.1.tar.gz" -C /usr/local/lib/node_modules/

Logs

POST /identity/connect/token
User xxxxx@xxxxxxxxxxxxxxx logged in successfully via API key. IP: xx.xx.xx.xx
(login) POST /identity/connect/token => 200 OK
GET /api/config
(config) GET /api/config => 200 OK

Screenshots or Videos

No response

Additional Context

No response

Originally created by @Jehoshwa on GitHub (Mar 8, 2026). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/6912 Originally assigned to: @BlackDex on GitHub. ### Prerequisites - [x] I have searched the existing **Closed _AND_ Open** [Issues](https://github.com/dani-garcia/vaultwarden/issues?q=is%3Aissue%20) **_AND_** [Discussions](https://github.com/dani-garcia/vaultwarden/discussions?discussions_q=) - [x] I have searched and read the [documentation](https://github.com/dani-garcia/vaultwarden/wiki/) ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.35.3 * Web-vault version: v2026.1.1 * OS/Arch: linux/aarch64 * Running within a container: true (Base: Debian) * Database type: SQLite * Database version: 3.50.2 * Uses config.json: true * Uses a reverse proxy: true * IP Header check: true (CF-Connecting-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Websocket Check: true * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Environment settings which are overridden:** ADMIN_TOKEN, IP_HEADER **Config:** ```json { "_duo_akey": null, "_enable_duo": true, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_idle_timeout": 600, "database_max_conns": 10, "database_min_conns": 2, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "dns_prefer_ipv6": false, "domain": "*****://*************", "domain_origin": "*****://*************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": false, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "CF-Connecting-IP", "job_poll_interval_ms": 30000, "log_file": "data/vw.log", "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 600000, "purge_incomplete_sso_auth": "0 20 0 * * *", "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "******************", "smtp_from_name": "***********", "smtp_host": "*************", "smtp_password": "***", "smtp_port": 465, "smtp_security": "force_tls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "******************", "sso_allow_unknown_email_verification": false, "sso_audience_trusted": null, "sso_auth_only_not_session": false, "sso_authority": "", "sso_authorize_extra_params": "", "sso_callback_path": "*****://******************************************", "sso_client_cache_expiration": 0, "sso_client_id": "", "sso_client_secret": "***", "sso_debug_tokens": false, "sso_enabled": false, "sso_master_password_policy": null, "sso_only": false, "sso_pkce": true, "sso_scopes": "email profile", "sso_signups_match_email": true, "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": 50000, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": "100049", "yubico_secret_key": "***", "yubico_server": null } ``` </details> ### Vaultwarden Build Version 1.35.3 ### Deployment method Official Container Image ### Custom deployment method services: vwarden01: image: vaultwarden/server:latest container_name: vw01 volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - /srv/vw01/data:/data ports: - 127.0.0.1:7011:80 restart: unless-stopped environment: - IP_HEADER=CF-Connecting-IP - LOG_FILE=data/vw.log - LOG_LEVEL=info - EXTENDED_LOGGING=false ### Reverse Proxy caddy2 ### Host/Server Operating System Linux ### Operating System Version Debian 13 ### Clients CLI ### Client Version 2026.2.0 ### Steps To Reproduce root@myserver# export BW_SERVER=https://xxxxxxxxxxx root@myserver# export BW_CLIENTID=user.xxxxxxxx-xxxx-xxxx-xxxx.xxxxxxxxxxxx root@myserver# export BW_CLIENTSECRET=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX root@myserver# bw --version 2026.2.0 root@myserver# bw login --apikey TypeError: Cannot read properties of null (reading 'toWrappedAccountCryptographicState') root@myserver# bw status {"serverUrl":"https://xxxxxxxxxxx","lastSync":null,"userEmail":"xxx@xxx","userId":"xxxxxxxxxxxxxx","status":"locked"} root@myserver# bw unlock ? Master password: [input is hidden] root@myserver# bw status {"serverUrl":"https://xxxxxxxxxxx","lastSync":null,"userEmail":"xxx@xxx","userId":"xxxxxxxxxxxxxx","status":"locked"} ### Expected Result Expect after login can unlock succesfully. ### Actual Result Shows logged in, but unlock not work. I found from my other server there is a old version cli, copy it to the current server, then everything is ok. On another server which run bw cli 2026.1 tar -czf bwcli.2026.1.tar.gz -C /usr/local/lib/node_modules \@bitwarden recover the 2026.2 tar -xzf bwcli.2026.1.tar.gz" -C /usr/local/lib/node_modules/ ### Logs ```text POST /identity/connect/token User xxxxx@xxxxxxxxxxxxxxx logged in successfully via API key. IP: xx.xx.xx.xx (login) POST /identity/connect/token => 200 OK GET /api/config (config) GET /api/config => 200 OK ``` ### Screenshots or Videos _No response_ ### Additional Context _No response_
GiteaMirror added the bug label 2026-04-20 14:58:57 -05:00
GiteaMirror commented 2026-04-20 14:59:01 -05:00
Author
Owner
Copy Link

@Guru-25 commented on GitHub (Mar 8, 2026):

I too got this error

TypeError: Cannot read properties of null (reading 'toWrappedAccountCryptographicState')

<!-- gh-comment-id:4018785624 --> @Guru-25 commented on GitHub (Mar 8, 2026): I too got this error `TypeError: Cannot read properties of null (reading 'toWrappedAccountCryptographicState')`
GiteaMirror commented 2026-04-20 14:59:02 -05:00
Author
Owner
Copy Link

@xuanyepan commented on GitHub (Mar 8, 2026):

Image

I encountered the same error when using Edge browser, but there is no such problem when using Firefox.

<!-- gh-comment-id:4018895544 --> @xuanyepan commented on GitHub (Mar 8, 2026): <img width="271" height="46" alt="Image" src="https://github.com/user-attachments/assets/136ae73f-bda7-4cd1-a182-ed2173285659" /> I encountered the same error when using Edge browser, but there is no such problem when using Firefox.
GiteaMirror commented 2026-04-20 14:59:04 -05:00
Author
Owner
Copy Link

@SenpaiSimon commented on GitHub (Mar 8, 2026):

Having the same issue, this only happens when logging in through bw login --apikey and having set both needed env vars beforehand. When logging in using bw login and no additional arguments it all works after entering the prompts manually. Sadly this killed my backup export routines atm.

<!-- gh-comment-id:4020087189 --> @SenpaiSimon commented on GitHub (Mar 8, 2026): Having the same issue, this only happens when logging in through bw login --apikey and having set both needed env vars beforehand. When logging in using bw login and no additional arguments it all works after entering the prompts manually. Sadly this killed my backup export routines atm.
GiteaMirror commented 2026-04-20 14:59:05 -05:00
Author
Owner
Copy Link

@trinvh commented on GitHub (Mar 9, 2026):

Same issue. I got to setup my new mac and install new Edge which encountering the same issue on Edge

<!-- gh-comment-id:4021250539 --> @trinvh commented on GitHub (Mar 9, 2026): Same issue. I got to setup my new mac and install new Edge which encountering the same issue on Edge
GiteaMirror commented 2026-04-20 14:59:06 -05:00
Author
Owner
Copy Link

@trinvh commented on GitHub (Mar 9, 2026):

For who is encountering the same issue like me with Chrome/Edge extension. Use previous version 2026.1.1 works for me.

Attached zip file is the unpacked extension I downloaded from crx4chrome, you can delete the store-version of the extension and enable developer mode to load this unpacked extension. Hope it helps

nngceckbapebfimnlniiiahkandclblb-2026.1.1-Crx4Chrome.com.zip

<!-- gh-comment-id:4021280272 --> @trinvh commented on GitHub (Mar 9, 2026): For who is encountering the same issue like me with Chrome/Edge extension. Use previous version `2026.1.1` works for me. Attached zip file is the unpacked extension I downloaded from crx4chrome, you can delete the store-version of the extension and enable developer mode to load this unpacked extension. Hope it helps [nngceckbapebfimnlniiiahkandclblb-2026.1.1-Crx4Chrome.com.zip](https://github.com/user-attachments/files/25833129/nngceckbapebfimnlniiiahkandclblb-2026.1.1-Crx4Chrome.com.zip)
GiteaMirror commented 2026-04-20 14:59:07 -05:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Mar 9, 2026):

I have confirmed the issue, and also able to fix it for the CLI.

I'm not able to reproduce this with the Browser Extensions, for those people i would suggest to be sure to have the latest Vaultwarden Server installed.

<!-- gh-comment-id:4024905693 --> @BlackDex commented on GitHub (Mar 9, 2026): I have confirmed the issue, and also able to fix it for the CLI. I'm not able to reproduce this with the Browser Extensions, for those people i would suggest to be sure to have the latest Vaultwarden Server installed.
GiteaMirror commented 2026-04-20 14:59:08 -05:00
Author
Owner
Copy Link

@vitich commented on GitHub (Mar 9, 2026):

Firefox.
SSO login enabled - no problems with SSO.
But bw login --apikey returns:

TypeError: Cannot read properties of null (reading 'toWrappedAccountCryptographicState')

It says I'm logged in but after entering the master password it asks for - it doesn't return anything - bw unlock --raw is also empty

Should I try older versions of the console client or browser plugin?

UPDATE:
bw-linux-2024.12.0.zip works!
Everything works through the API

<!-- gh-comment-id:4025024985 --> @vitich commented on GitHub (Mar 9, 2026): Firefox. SSO login enabled - no problems with SSO. But bw login --apikey returns: TypeError: Cannot read properties of null (reading 'toWrappedAccountCryptographicState') It says I'm logged in but after entering the master password it asks for - it doesn't return anything - bw unlock --raw is also empty Should I try older versions of the console client or browser plugin? UPDATE: bw-linux-2024.12.0.zip works! Everything works through the API
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
wontfix
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#11377
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?